2025-07-24 02:48:53 +00:00
3 changed files with 33 additions and 75 deletions
--- a/src/main/kotlin/roomescape/auth/web/support/AuthInterceptors.kt
+++ b/src/main/kotlin/roomescape/auth/web/support/AuthInterceptors.kt
@ -2,89 +2,51 @@ package roomescape.auth.web.support

 import jakarta.servlet.http.HttpServletRequest
 import jakarta.servlet.http.HttpServletResponse
-import org.springframework.http.HttpStatus
 import org.springframework.stereotype.Component
 import org.springframework.web.method.HandlerMethod
 import org.springframework.web.servlet.HandlerInterceptor
+import roomescape.auth.exception.AuthErrorCode
+import roomescape.auth.exception.AuthException
 import roomescape.auth.infrastructure.jwt.JwtHandler
-import roomescape.common.exception.ErrorType
-import roomescape.common.exception.RoomescapeException
 import roomescape.member.business.MemberService
 import roomescape.member.infrastructure.persistence.MemberEntity

-private fun Any.isIrrelevantWith(annotationType: Class<out Annotation>): Boolean {
-    if (this !is HandlerMethod) {
-        return true
-    }
-    return !this.hasMethodAnnotation(annotationType)
-}
-
@Component
-class LoginInterceptor(
+class AuthInterceptor(
        private val memberService: MemberService,
        private val jwtHandler: JwtHandler
 ) : HandlerInterceptor {
-
-    @Throws(Exception::class)
-    override fun preHandle(
-            request: HttpServletRequest,
-            response: HttpServletResponse,
-            handler: Any
-    ): Boolean {
-        if (handler.isIrrelevantWith(LoginRequired::class.java)) {
+    override fun preHandle(request: HttpServletRequest, response: HttpServletResponse, handler: Any): Boolean {
+        if (handler !is HandlerMethod) {
            return true
        }

+        val loginRequired = handler.getMethodAnnotation(LoginRequired::class.java)
+        val admin = handler.getMethodAnnotation(Admin::class.java)
+
+        if (loginRequired == null && admin == null) {
+            return true
+        }
+
+        val member: MemberEntity = findMember(request, response)
+
+        if (admin != null && !member.isAdmin()) {
+            response.sendRedirect("/login")
+            throw AuthException(AuthErrorCode.ACCESS_DENIED)
+        }
+
+        return true
+    }
+
+    private fun findMember(request: HttpServletRequest, response: HttpServletResponse): MemberEntity {
        try {
            val token: String? = request.accessTokenCookie().value
            val memberId: Long = jwtHandler.getMemberIdFromToken(token)

-            return memberService.existsById(memberId)
-        } catch (_: RoomescapeException) {
+            return memberService.findById(memberId)
+        } catch (e: Exception) {
            response.sendRedirect("/login")
-            throw RoomescapeException(ErrorType.LOGIN_REQUIRED, HttpStatus.FORBIDDEN)
-        }
-    }
-}
-
-@Component
-class AdminInterceptor(
-        private val memberService: MemberService,
-        private val jwtHandler: JwtHandler
-) : HandlerInterceptor {
-
-    @Throws(Exception::class)
-    override fun preHandle(
-            request: HttpServletRequest,
-            response: HttpServletResponse,
-            handler: Any
-    ): Boolean {
-        if (handler.isIrrelevantWith(Admin::class.java)) {
-            return true
-        }
-
-        val member: MemberEntity?
-
-        try {
-            val token: String? = request.accessTokenCookie().value
-            val memberId: Long = jwtHandler.getMemberIdFromToken(token)
-            member = memberService.findById(memberId)
-        } catch (_: RoomescapeException) {
-            response.sendRedirect("/login")
-            throw RoomescapeException(ErrorType.LOGIN_REQUIRED, HttpStatus.FORBIDDEN)
-        }
-
-        with(member) {
-            if (this.isAdmin()) {
-                return true
-            }
-
-            response.sendRedirect("/login")
-            throw RoomescapeException(
-                    ErrorType.PERMISSION_DOES_NOT_EXIST,
-                    String.format("[memberId: %d, Role: %s]", this.id, this.role),
-                    HttpStatus.FORBIDDEN
-            )
+            throw e
        }
    }
 }
--- a/src/main/kotlin/roomescape/auth/web/support/MemberIdResolver.kt
+++ b/src/main/kotlin/roomescape/auth/web/support/MemberIdResolver.kt
@ -18,7 +18,6 @@ class MemberIdResolver(
        return parameter.hasParameterAnnotation(MemberId::class.java)
    }

-    @Throws(Exception::class)
    override fun resolveArgument(
            parameter: MethodParameter,
            mavContainer: ModelAndViewContainer?,
--- a/src/main/kotlin/roomescape/common/config/WebMvcConfig.kt
+++ b/src/main/kotlin/roomescape/common/config/WebMvcConfig.kt
@ -4,15 +4,13 @@ import org.springframework.context.annotation.Configuration
 import org.springframework.web.method.support.HandlerMethodArgumentResolver
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer
-import roomescape.auth.web.support.AdminInterceptor
-import roomescape.auth.web.support.LoginInterceptor
+import roomescape.auth.web.support.AuthInterceptor
 import roomescape.auth.web.support.MemberIdResolver

@Configuration
 class WebMvcConfig(
        private val memberIdResolver: MemberIdResolver,
-        private val adminInterceptor: AdminInterceptor,
-        private val loginInterceptor: LoginInterceptor
+        private val authInterceptor: AuthInterceptor
 ) : WebMvcConfigurer {

    override fun addArgumentResolvers(resolvers: MutableList<HandlerMethodArgumentResolver>) {
@ -20,7 +18,6 @@ class WebMvcConfig(
    }

    override fun addInterceptors(registry: InterceptorRegistry) {
-        registry.addInterceptor(adminInterceptor)
-        registry.addInterceptor(loginInterceptor)
+        registry.addInterceptor(authInterceptor)
    }
 }